infrastructure
infrastructure
The longer an application remains vulnerable, the more likely it is to be compromised. Protecting web applications is an around-the-clock job. Almost anything that is connected to the Internet is a target these days, and organizations are scrambling to keep their web properties available and secure. The ramifications of a breach or downtime can be severe: brand reputation, the ability to meet regulatory requirements, and revenue are all on the line. A 2011 survey conducted by Merrill Research on behalf of VeriSign found that 60 percent of respondents rely on their websites for at least 25 percent of their...
The BIG-IP platform is now ICSA Certified as a Network Firewall.
Internet threats are widely varied and multi-layered. Although applications and their data are attackers’ primary targets, many attackers gain entry at the network layer. Internet data centers and public-facing web properties are constant targets for large-scale attacks by hacker/hactivist communities and others looking to grab intellectual property or cause a service outage. Organizations must prepare for the normal influx of users, but they also must defend their infrastructure from the daily barrage of malicious users.
Security administrators who manage large web properties are struggling with security because traditional firewalls are...
Want to provide Cloud services to the federal government? Then you’ll have to adhere to almost 170 security controls under the recently announced Federal Risk and Authorization Management Program. The program, set to go live in June, is designed to analyze/audit cloud computing providers for federal government agencies, expedite security clearances for cloud providers and foster the adoption of cloud computing by the Federal government. FedRAMP is meant to provide a baseline for low to moderate risk systems and is based on the NIST cyber-security Special Publication 800-53 Revision 3. FedRAMP provides an overall checklist for handling risks associated with...
It’s that time of year when we gift and re-gift. And the perfect opportunity to re-post, re-purpose and re-use my 2011 blog entries. If you missed any of the approximately 50 blogs, 11 audio whitepapers or 47 videos, here they are wrapped in one simple entry. I read somewhere that lists in blogs are good. Have a Safe and Happy New Year. F5 Security Vignette Series 2012 IT Staffing Crisis? The Top 10, Top Predictions for 2012 Pearl Harbor, Punchbowl and my...
After just proclaiming, a mere four days ago in The Top 10, Top Predictions for 2012, that I wouldn’t predict anything for 2012 and simply would repurpose other’s predictions, I offer this prognosis. An area I have been thinking about recently is the availability of IT personnel, or lack thereof in 2012. It began with a conversation with a F5 colleague and a simple premise: Information Technology personnel seem to be in demand. We have read stories to this effect, and even anecdotally realized that times are not that bad for IT careers, despite the financial crisis. Sure, many...
Around this time of year, almost everyone and their brother put out their annual predictions for the coming year. So instead of coming up with my own, I figured I’d simply regurgitate what many others are expecting to happen. Security Predictions 2012 & 2013 - The Emerging Security Threat – SANS talks Custom Malware, IPv6, ARM hacking and Social Media. Top 7 Cybersecurity Predictions for 2012 - From Stuxnet to Sony, a number of cyberattacks emerged in 2011 that experts have predicted for quite some time. Webroot’s top seven...
In 2006, Cablevision was developing a service which allowed customers to record, pause and replay their television content on/from servers located at Cablevision’s data center rather than on the customer’s Digital Video Recorder itself – in the cloud rather than on a local hard drive. A consortium of U.S. television and copyright holders challenged Cablevision in court arguing that Cablevision’s Remote Storage Digital Video Recorder (RS-DVR) infringed on copyrighted content laws in that, they were making copies of protected works and infringing on exclusive right of reproduction; briefly buffering/storing that content also infringes on exclusive reproduction rights; and by transmitting...
We try to offer many learning opportunities thru webinars so if there are other topics you’re interested in, there are some links below but also check out the F5 WebCasts page along with DevCentral’s Media site. We also post video content to our YouTube Channel, if that’s your game. In this v11 webinar, I tell stories around various threats like DDoS, insecure DNS, web 2.0, AJAX, JSON payloads along with some unified access security/control based on identity. Originally offered to our EMEA audience, now for everyone to enjoy. Running time: 65:50
<div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px;...
When creating any security-enabled network device, development teams must fully investigate security of the device itself to ensure it cannot be compromised. A gate provides no security to a house if the gap between the bars is large enough to drive a truck through. Many highly effective exploits have breached the very software and hardware that are designed to protect against them. If an attacker can breach the guards, then they don’t need to worry about being stealthy, meaning if one can compromise the box, then they probably can compromise the code. F5 BIG-IP Application Delivery Controllers are positioned at...
I visited F5's International Technology Center in the heart of London and want to share an amazing tour with Shareef Qureshi, F5 Product Management Engineer. The facility includes a state of the art lab facility, executive briefing center, workroom facilities and an immersive TelePresence room. See the equipment, how it's managed and cooled, the meeting facilities and more. Only a month old, the F5 ITC showcases some of the latest data center technology. F5’s new London ITC will be the first Application Delivery & Data Solutions competency center in all of EMEA. Special thanks to Ross Draper for following us...
Full infrastructure Archive
